The article has been updated successfully.March 11, 2021 email from USPS regarding 'USPS Web Tools Notice: Unsecure HTTP Endpoint Retirement'
Product: ShopSite Manager, Pro, and EnterpriseVersion: 14 sp2 and earlier
Platform: ALL
I received an email notification from USPS summarizing an upcoming change to their rate Web Tools services. Do these affect my ShopSite? Is there anything that I need to do?
UPDATE: Approximately 1 July 2021, USPS sent another email to merchants with a new/delayed date for retiring the http:// endpoint, the new target date for this is October 2021.
These changes by USPS will affect all ShopSite Manager, Pro, and Enterprise versions through 14 sp2 using USPS real-time rates after the June 24th, 2021 deadline.
This has been addressed in ShopSite 14 sp3, this version and newer will use the https:// URL for the USPS endpoints.
Patches are available for the order.cgi (goes in the Shopping Cart CGI Directory) and usps.cgi and libsscommon.so.1 (that go in the ShopSite CGI Directory) for ShopSite 12 sp3 r4 (the newest v12x version) and ShopSite 14 sp2. 14 sp3 and all future versions will include this change without needing a patch.
Alternately, adding the following line to the shipdata.aa in the ShopSite Data Directory will cause ShopSite to use the new HTTPS secure endpoints which will also resolve the issue for Linux versions 12 sp2 r4 and greater without applying the patch:
usps_url: https://production.shippingapis.com/ShippingAPI.dll
To upgrade, apply patches, or add the modified endpoint URL to the shipdata.aa file, please contact your ShopSite reseller.
The 3/11/2021 email sent to merchants by USPS is as follows:
Subject: USPS Web Tools Notice: Unsecure HTTP Endpoint Retirement
Hello,
This message explains some security improvements planned for the USPS Web Tools services. Effective June 24th, 2021, Web Tools will remove support for all unsecure HTTP endpoints. After this change, all requests to an unsecure HTTP endpoint will fail when attempting to access the Web Tools APIs and integrators may see an error message. To continue using the Web Tools APIs, all requests must be made using the secure HTTPS endpoints listed below. Integrators currently using an unsecure HTTP endpoint should transition as soon as possible to the appropriate secure HTTPS endpoint below to prevent any loss of service. This change will impact only the API endpoints; the API request and response schemas will not change.
This notice is being shared with all USPS Web Tools integrators. It is possible that no changes are necessary to retain Web Tools services. Please review the entire message carefully and share with your web developer, software vendor, and/or IT service provider to determine if your use of the Web Tools APIs will be affected.
Support for the following unsecure HTTP endpoints will be discontinued in all Web Tools environments. In advance of the retirement date, please update your endpoints to the secure HTTPS endpoints listed below.
Web Tools Unsecure HTTP Endpoints Retirement Schedule
| Environment | Unsecure HTTP Endpoint | Retirement Date | New Secure HTTPS Endpoint |
| TEST | http://stg-production.shippingapis.com | 06/24/2021 | https://stg-production.shippingapis.com |
| PROD | http://production.shippingapis.com | 06/24/2021 | https://production.shippingapis.com |
Contact webtools@usps.gov with any questions or concerns.
Thank you,
USPS Web Tools Program Office
Visit us at: www.usps.com/webtools
Related Articles
No related articles were found.Attachments
No attachments were found.Visitor Comments
Article Details
Last Updated
6th of July, 2021
